Third-party apps serve up danger

Nov 19, 2013

For the past few years, most businesses have focused on improving their endpoint security, securing their networks, and worrying about intrusion prevention. This has left them ill-equipped to handle the flood of threats that are entering the organisation at the application layer.
Research has revealed that third-party applications are putting the businesses in greater danger than ever before, introducing a myriad risks into the IT environment, says Simon Campbell-Young, CEO of Phoenix Distribution.

As the mobile threat landscape grows, knowing what the risks are involved remains the best defence, he says.

“Many dangers lurk in the shadowy corners of third party app sites – from tricking users into downloading malware-laden apps, or clicking on malicious links, to mobile devices being used in cybercriminal botnets. These are real dangers that mobile users are facing today. Cyber criminals look for the low-hanging fruit. They are focusing on the application layer, as this has traditionally been ignored in terms of security.”

Third party apps are serving up malware, and facilitating drive-by downloads. Many of the vulnerabilities are being exploited, as the attackers do not even need the user’s permission to execute malware downloads.

Attacks on the application layer are growing because they work, says Campbell-Young.

“Unfortunately, outside applications are not subject to the same rigorous updates as the applications by major vendors are, and as such, are leading to a huge increase in malicious infections.”

Cybercrooks are cognisant of the fact that although organisations have most of the other bases covered, including endpoints and operating system protection, and even make sure they apply patches from commercial vendors on a regular basis, they still are woefully inadequately prepared when it comes to protecting against flawed apps.

Research estimates that there are several million unpatched apps running on machines around the world as we speak.

He adds that huge volumes of targeted attacks that use spear phishing are exploiting vulnerabilities in third party apps to achieve their malicious ends.

“This is currently the most popular attack vector, used by cybercriminals to access a target’s network.”

The same vulnerabilities are being used by criminals to exploit users who visit infected Web sites – victims are tricked into downloading documents from sites they know to be reputable, but those documents can exploit those third party flaws.

“For some of these exploits to succeed, the user does not even need to open the document, merely visiting the infected site is enough. Downloading from third-party app sites is understandably tempting – free versions of desirable apps are there for the taking, as well as other apps that you cannot get from first-party providers.

“However, question whether it is worth putting your devices, and with them, your most sensitive information at risk,” concludes Campbell-Young.